Back to Home

Privacy Policy

Sakha (सखा) — AI Wellness Companion

Last updated: April 1, 2026

Margadeshaka (“we,” “our,” or “us”) operates the Sakha mobile application (“the App”). We built Sakha to be a trusted companion — and that trust starts with being transparent about how we handle your data.

This Privacy Policy explains what we collect, why we collect it, how we protect it, and what choices you have. We've written it in plain language because we believe you deserve clarity, not confusion.

1. Information We Collect

1.1 Information You Provide Directly

  • Account Information: Name, email address, and password
  • Birth Details: Date, time, and place of birth — used to personalize your experience
  • Chat Conversations: Messages you exchange with Sakha's AI companion
  • Feedback & Ratings: Your ratings of AI responses and any feedback you provide
  • Profile Preferences: Communication style, language, notification settings

1.2 Information Collected Automatically

  • Device Information: Device type, OS version, app version, anonymized identifiers
  • Usage Data: Features used, session duration, interaction patterns
  • Location Data: Only when you explicitly grant permission for birth city auto-detection. We do not track your ongoing location
  • Crash & Performance Data: Technical diagnostics via Sentry

1.3 Information We Do NOT Collect

  • We do not collect payment or financial information
  • We do not access your contacts, photos, calendar, or personal files
  • We do not track your real-time location or movement
  • We do not sell your data to advertisers or data brokers — ever

2. How We Use Your Information

  • Account Information: Authenticate your identity, manage your account
  • Birth Details: Personalize your experience — understanding your background helps Sakha respond in a more relevant way
  • Chat Conversations: Provide contextual AI responses, maintain conversation continuity
  • Mood & Emotion Data: Tailor AI responses, track patterns over time (only for your benefit)
  • Usage Data: Improve app functionality, fix bugs
  • Feedback: Improve AI response quality and personalization

How AI Processing Works

When you send a message, Sakha's AI constructs a personalized context that may include your profile details, recent conversation history, and your communication preferences. This context is sent to our AI service to generate a meaningful response. The AI does not independently store or learn from your individual conversations beyond your active session context.

3. Crisis Detection & Safety

Sakha includes a crisis detection system that analyzes messages for indicators of distress. If a potential crisis is detected, Sakha will include crisis support resources (helpline numbers) in the response. This system exists solely to protect you. We do not share crisis data with external parties, law enforcement, or insurance companies.

4. Data Storage & Security

  • AES-256-GCM encryption for sensitive PII fields (birth details) at the application level
  • Azure transparent encryption at rest for all database data
  • HTTPS/TLS for all data in transit
  • JWT-based authentication with token refresh
  • Rate limiting on all API endpoints
  • Input validation and sanitization to prevent injection attacks

5. Third-Party Services

ServicePurpose
Azure OpenAI (GPT-4)AI chat responses
Azure Cosmos DBData storage
Firebase Cloud MessagingPush notifications
SentryCrash reporting (user ID only, no PII)
OpenStreetMap NominatimCity search during onboarding

We do not share your birth data, chat conversations, or emotional data with any third party for advertising, marketing, or profiling.

6. Data Retention

  • Account & birth chart data: Until you delete your account
  • Chat sessions: Until you delete them or your account
  • Usage analytics: Aggregated and anonymized after 12 months
  • Crash reports: 90 days

When you delete your account, personal data is permanently removed within 30 days. Residual copies in encrypted backups are purged within 90 days.

7. Your Rights

  • Access: View your data in the app or request a complete copy
  • Correct: Update profile and birth details at any time
  • Delete: Delete individual sessions or your entire account
  • Portability: Request a machine-readable export
  • Withdraw consent: Stop using Sakha and request data deletion at any time

To exercise any of these rights, email us at hiteshgupta3012@gmail.com. We'll respond within 30 days.

8. GDPR & Indian DPDPA Compliance

We comply with both the EU General Data Protection Regulation (GDPR) and the Indian Digital Personal Data Protection Act, 2023. You have all applicable rights including access, rectification, erasure, portability, and the right to object to processing. Contact us to exercise any right.

9. Children's Privacy

Sakha is not intended for children under 13 years of age (or under 16 in the EEA). We do not knowingly collect personal information from children.

10. Contact Us

  • Email: hiteshgupta3012@gmail.com
  • Organization: Margadeshaka
  • Location: Bangalore, Karnataka, India
  • Response Time: Within 48 hours for general inquiries, within 30 days for formal data requests

Sakha (सखा) means “Friend” in Sanskrit. We treat your trust as sacred — protecting your privacy is part of being a true friend.